# -*- coding: utf-8 -*-
# TencentBlueKing is pleased to support the open source community by making
# 蓝鲸智云 - PaaS 平台 (BlueKing - PaaS System) available.
# Copyright (C) 2017 THL A29 Limited, a Tencent company. All rights reserved.
# Licensed under the MIT License (the "License"); you may not use this file except
# in compliance with the License. You may obtain a copy of the License at
#
#     http://opensource.org/licenses/MIT
#
# Unless required by applicable law or agreed to in writing, software distributed under
# the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
# either express or implied. See the License for the specific language governing permissions and
# limitations under the License.
#
# We undertake not to change the open source license (MIT license) applicable
# to the current version of the project delivered to anyone in the future.

# Generated by Django 3.2.12 on 2023-03-13 09:51
import logging

import blue_krill.models.fields
from blue_krill.encrypt.handler import EncryptHandler
from blue_krill.encrypt.utils import get_default_secret_key
from django.db import migrations


logger = logging.getLogger(__name__)


def encrypt_image_credentials_in_db(apps, schema_editor):
    """encrypt `password` in database before alert field to EncryptField to avoid decode error"""

    AppImageCredential = apps.get_model("images", "AppImageCredential")
    AppUserCredential = apps.get_model("images", "AppUserCredential")

    encrypt_handler = EncryptHandler(secret_key=get_default_secret_key())

    logger.info("start encrypt image credential in database...")
    for credential in AppImageCredential.objects.using(schema_editor.connection.alias).all():
        credential.password = encrypt_handler.encrypt(credential.password)
        credential.save(update_fields=["password", "updated"])

    for credential in AppUserCredential.objects.using(schema_editor.connection.alias).all():
        credential.password = encrypt_handler.encrypt(credential.password)
        credential.save(update_fields=["password", "updated"])
    logger.info("all image credential encrypted!")


class Migration(migrations.Migration):

    dependencies = [
        ('images', '0002_auto_20220906_1114'),
    ]

    operations = [
        # 必须先加密再修改字段类型, 否则取值会报错
        migrations.RunPython(code=encrypt_image_credentials_in_db),
        migrations.AlterField(
            model_name='appimagecredential',
            name='password',
            field=blue_krill.models.fields.EncryptField(help_text='镜像凭证', verbose_name='镜像凭证'),
        ),
        migrations.AlterField(
            model_name='appusercredential',
            name='password',
            field=blue_krill.models.fields.EncryptField(help_text='镜像凭证', verbose_name='镜像凭证'),
        ),
    ]
